v19INF7: New MD4 based header to be used in c.s.m posts

Kent Landfield kent at sparky.IMD.Sterling.COM
Thu May 9 11:59:35 AEST 1991


Submitted-by: Kent Landfield <kent at sparky.IMD.Sterling.COM>
Posting-number: Volume 19, Info 7
Archive-name: md4_header

MD4 can be used to apply a fingerprint on an article posted to USENET.  
When run through a verification tool, MD4 will tell you whether an article 
has been corrupted.  The use of MD4 does not detect or prevent the complete 
replacement of an article.  Think of MD4 as a super-strong checksum.  The 
header X-Md4-Signature: contains the value that will be checked against to 
determine if the article is intact.

I am going to be using the X-Md4-Signature: header on all articles posted 
to the newsgroup comp.sources.misc. While I don't think that this is worth 
doing for most general USENET articles, it will be extremely useful for 
archives. X-Md4-Signature: is going to replace the X-Checksum-Snefru: header 
previously used in this newsgroup. Why the change ???

# Subject: [crypt] Latest Attack on Snefru
# Message-ID: <1991Apr26.010111.10500 at ox.com>
# Date: 26 Apr 91 01:01:11 GMT
# Approved: emv at msen.com (Edward Vielmetti, MSEN)
# 
# Archive-name: security/crypt/snefru/1991-04-25
# Archive-directory: arisia.xerox.com:/pub/hash/ [13.1.100.206]
# Original-posting-by: merkle at parc.xerox.com (Ralph Merkle)
# Original-subject: Latest Attack on Snefru
# Reposted-by: emv at msen.com (Edward Vielmetti, MSEN)
# 
# Eli Biham is submitting a paper to Crypto '91 which includes
# several interesting cryptanalytic results.
# 
# To quote from his letter to me:
# 
# "The main results on Snefru are:  Two-pass and three-pass Snefru
# are breakable by a black box attack in which the attacker should
# not know the choice of the S boxes used.  Snefru with up to four
# passes is breakable faster than 2**45 operations provided the S
# boxes are known to the attacker.  Message hashing to the same
# value as any given message can be obtained faster than the brute
# force attack for Snefru with up to four passes.  These attacks
# are faster than 2**64 operation for the two-pass and the
# three-pass variants."
# 
# Although Eli has developed a faster-than-brute-force attack on
# Snefru with four passes, he has not claimed the prize for breaking
# it.  To claim the prize requires actual generation of a pair of
# inputs that map to the same output.  Perhaps by Crypto '92.
# 
# Snefru with 8 passes is available by anonymous FTP from
# arisia.xerox.com in directory /pub/hash.  Cryptanalytic
# difficulty typically increases exponentially in the number
# of passes, while execution time increases linearly.  Further
# investigation is required before the security (or lack thereof)
# of Snefru with 8 passes can be established.
# 
# I have not heard of a prize for breaking MD4.  Come on, Ron!

This message is also a note to archivers who are using the CHECKHASH 
feature available with rkive to verify articles posted to c.s.misc 
and to c.s.unix.  *PLEASE* disable the usage of CHECKHASH for c.s.misc
until you have had an opportunity to install the checkmd4 utility that 
will be posted later tonight in comp.sources.misc.  A patch to rkive 
to support the new header is also slated to be posted tonight.  
So what happens if you do not disable CHECKHASH?... The archived 
articles will just appear in the problems directory and you can copy 
them into place from there... No big deal, just thought I would warn 
you... :-) 

I would like to thank Ron Rivest (the author of RFC1186, "The MD4 Message 
Digest Algorithm") for the MD4 code and RSA Data Security, Inc. for giving 
me the permission to post it.  I would also like to thank Rich Salz for the 
push to do it and for his snefru code that I hacked... 

			-Kent+
-- 
Kent Landfield                   INTERNET: kent at sparky.IMD.Sterling.COM
Sterling Software, IMD           UUCP:     uunet!sparky!kent
Phone:    (402) 291-8300         FAX:      (402) 291-4362
Please send comp.sources.misc-related mail to kent at uunet.uu.net.
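
An added example, not part of the original posting and not the checkmd4 utility it announces: a fingerprint check of the kind described above, showing that corruption is caught while a wholly replaced article carrying its own recomputed header still verifies. It assumes the header value is the hex MD4 digest of the article body (everything after the first blank line); md4_hex, sign, verify and the sample article are constructed for illustration.

```python
import struct

# Added illustration. Assumed: X-Md4-Signature holds the hex MD4 digest of the body.
_ROUNDS = (  # (mixing function, additive constant, word order, rotations), RFC 1320
    (lambda x, y, z: (x & y) | (~x & z), 0, tuple(range(16)), (3, 7, 11, 19)),
    (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999,
     (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
    (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1,
     (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
)

def md4_hex(data: bytes) -> str:
    """MD4 digest of data as lowercase hex."""
    mask = 0xFFFFFFFF
    # Pad with 0x80, zeros up to 56 mod 64, then the 64-bit little-endian bit length.
    msg = data + b"\x80" + b"\x00" * ((55 - len(data)) % 64) + struct.pack("<Q", len(data) * 8)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    for off in range(0, len(msg), 64):
        words = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = state
        for mix, const, order, rots in _ROUNDS:
            for i, k in enumerate(order):
                t = (a + mix(b, c, d) + words[k] + const) & mask
                s = rots[i % 4]
                a = ((t << s) | (t >> (32 - s))) & mask
                a, b, c, d = d, a, b, c  # rotate register roles for the next step
        state = [(x + y) & mask for x, y in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state).hex()

def sign(headers: str, body: str) -> str:
    """Build an article whose X-Md4-Signature header fingerprints body."""
    return f"{headers}\nX-Md4-Signature: {md4_hex(body.encode())}\n\n{body}"

def verify(article: str) -> bool:
    """True when the header digest matches the body as received."""
    head, _, body = article.partition("\n\n")
    claimed = None
    for line in head.splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() == "x-md4-signature":
            claimed = value.strip().lower()
    return claimed is not None and claimed == md4_hex(body.encode())

# Constructed sample article.
HEADERS = "Newsgroups: comp.sources.misc\nSubject: example posting"
intact = sign(HEADERS, "#! /bin/sh\necho unpack\n")
corrupted = intact.replace("unpack", "unpakc")         # damage in transit: detected
replaced = sign(HEADERS, "entirely different body\n")  # whole article swapped: verifies
```

Because the digest travels inside the article it describes, an archiver wanting protection against replacement needs the expected value from a separate trusted source.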


